Process to identify security needs and how it effects the foundation of the policy How can you possibly protect your IT infrastructure if you have no idea what you are protecting it against? That’s why it is important to identify the security needs and/or vulnerabilities thoroughly with a basic risk assessment. So a risk assessment is the process that should be completed first and it will help to identify the security needs. During this process you will be faced with some basic questions that will help to identify your security needs. These questions include the following as a start:
1. What are the assets that are within the organization that are in the need of protecting?
2. What are the risks that are associated with each …show more content…
There are many different ways you can identify your risks. You can start by brainstorming with personnel and work on identifying which of your assets are at risk. Take for example the difference of a server to a workstation is terms of security. A server is more likely to contain more sensitive information on it than your typical workstation, so even though the workstations need to be secured, a stolen or compromised server would cause more damage and therefore needs to be placed hire on the risk chart. After you have identified your risks, you can then begin to develop a policy that will help to reduce or eliminate the risks. (Benson,